Typical screen displayed in place of banned site during Iranian Internet access

Prof. J. Alex Halderman and two anonymous coauthors have published the first peer-reviewed technical study of Iran's national censorship infrastructure, revealing much about the extent and nature of one of the largest and most sophisticated Internet censorship regimes in the world. Until now, little has been known regarding the details of Iran’s censorship system due to a lack of access to network connections within the country and because of the risk to Iranian citizens who fall afoul of FATA, the government cyber police unit that monitors citizens' online activities.

To conduct their study, the researchers set up a small testbed in Iran from which to make network measurements in order to gain an understanding of the mechanisms used for network filtering. They analyzed traffic to blocked and non-blocked hosts at the
packet level, and used traceroutes to study hops inside
the country’s infrastructure. This was done during the lead up to the June 2013 presidential election.

The researchers measured the scope of the censorship by probing Alexa’s top 500 websites in 18 different categories. They investigated the technical mechanisms used for HTTP Host-based blocking, keyword filtering, DNS hijacking, and protocol-based throttling.

As a result of their investigations, the researchers learned that specific sites hosting material including pornography, art, news, and society were heavily blocked. Additional contextual filtering was employed to identify and block related material.

A finding of particular interest for censorship resistance was the centralized nature of Iran's censorship system. While individual ISPs may employ additional
blocking mechanisms, the research results suggest that at least
DNS and HTTP filtering occur at the national level. New censorship resistance systems
could explore techniques for overwhelming the central
monitoring hardware with spoofed traffic, for instance, or
for tunneling data past it and then further distributing it in
a peer-to-peer manner within the country.

Prof. Halderman is a noted computer security expert whose research places an emphasis on problems that broadly impact society and public policy. His interests include software security, network security, data privacy, anonymity, electronic voting, censorship resistance, digital rights management, computer forensics, ethics, and cybercrime, as well as the interaction of technology with law, governmental regulation, and international affairs.